Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  news  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [<thread-prev] [month] [year] [list] 
Date: Fri, 30 May 2008 20:43:51 +0000 (UTC)
From: security curmudgeon <jericho@...rition.org>
To: oss-security@...ts.openwall.com
Subject: Re: Latest flash player is not vulnerable


: Adobe announced that the flaw that is in the wild is not a new one. The 
: attack took the advantage of other security flaws to redirect the user 
: from legitimate sites to malicious domains serving exploit SWFs
: 
: http://blogs.adobe.com/psirt/2008/05/more_information_on_recent_fla.html
: 
: Just for informing for those who missed the news :-)

This was quite the frenzy, all based on some fairly poor vulnerability 
'research' and testing.

http://osvdb.org/blog/?p=246
Whos to blame? The hazard of 0-day.
May 30th, 2008

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux